In order to help prevent phishing attacks from an unauthorized sender spoofing an email address, banks are starting to collect special branded top level domains, such as dot-citi, dot-bofa and dot-barclays. The challenge comes with consumer recognition, as end users do not know yet that these domains exist and might mistake legitimate emails for scams.